The apps were discovered by Dr. Web antivirus and they pose as useful utilities and system optimizers when in fact they do the complete opposite. They are one of the main performance problems and experience degradation for users, who also receive a large number of ads on their phone, slowing it down.
If you install any of these apps, you will notice how your phone is much slower and does not work as it should, although until now you may not have been aware of the cause of this.
Tubebox ‘breaks’ your phone and doesn’t keep its promisesOne of the apps discovered by Dr. Web that has accumulated a million downloads. This is TubeBox, which right now remains available on Google Play, although they may soon remove it. If you have installed it, delete it immediately from your mobile, and if you have not done so, do not install it.
TubeBox is an app that promises you money in exchange for watching videos and ads in the app, although in reality it seems that it never keeps its promises. There are errors when trying to redeem earned rewards. Users who manage to complete the final withdrawal step never receive the funds.
In reality, it is a trick to keep them in the app as much of the time as possible, generating income for its developers. However, those who install it, the only thing they notice is that their phones are not as fluid and its performance suffers.
These apps fill your mobile with ads
other adware applications that have appeared on Google Play in October of this year are the following. Although they have been removed from the Google app store, you could have installed one:
- Bluetooth device auto connect (bt autoconnect group) – 1,000,000 downloads
- Bluetooth & Wi-Fi & USB driver (simple things for everyone) – 100,000 downloads
- Volume, Music Equalizer (bt autoconnect group) – 50,000 downloads
- Fast Cleaner & Cooling Master (Hippo VPN LLC) – 500 downloads
Applications receive commands from Firebase Cloud Messaging (FCM) and load the websites specified in these commands, generating fraudulent ad impressions on devices who have been infected.
In the case of Fast Cleaner & Cooling Master, with few downloads until its removal, remote operators could also configure an infected device to act as a proxy server. This proxy server would allow threat actors to funnel their own traffic through the infected device.
Detected fraudulent loan apps
Dr. Web also discovered a set of fraudulent loan applications that claimed to be directly associated with Russian banks and investment groups, each averaging 10,000 downloads on Google Play. They were also known as directories and survey programs.
They were promoted by means of malvertising through other applications, promising guaranteed investment returns when what they did was take their victims to phishing sites where they collects your personal information.
To prevent these or other apps from harming you, be careful with what you install, avoid installations outside of Google Play on your mobile and have a good antivirus to protect yourself from external threats. If you have one, uninstall it immediately.